-
Notifications
You must be signed in to change notification settings - Fork 595
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade libraries on 23.10.1 #5001
Comments
In the merged fix, I see that |
Likely these are deps in the Azure plugin. @bentsherman any clue? |
It is not a direct dependency of Nextflow or any core plugin, so it must be a transitive dep. I assumed it would be fixed by upgrading the other packages but I guess not. What's that gradle command to view the whole dependency tree? |
It is a dependency of the azure blob SDK. It is already up to date on 24.04, so you just need to backport this commit: 1bcbaf0 |
@arnaualcazar was that the only remaining vulnerability? |
I have performed a more in deep analysis. Adding pending High and critical vulnerabilities along with the paths were are they found.
|
Some libraries found in version 23.10.1 do have vulnerabilities. They need to be updated to the following min version:
The text was updated successfully, but these errors were encountered: